Boundschecker thoughts
-
What are your thoughts on Boundschecker for Visual C++. I've used it a previous companies I've worked at and it seemed okay but nothing spectacular. I'm now in the market for this kind of product for my own company (with my own money), so I'd like comments on how useful they find it. I like to think that my code doesn't need it (yeah right), but for my own peace of mind I'd like to be able to run something on my code to spot the flaws that I miss. So is Boundchecker a worthwhile investement? Is there anything better? Michael :-)
We tried it and discarded it. We found a number of problems: 1. Provides minimal data for release versions 2. Majority of memory leak errors reported were incorrect 3. Majority of program errors reported were also incorrect The bottom line for us was that the use resulted in a total loss rather than a gain. There may be other examples that go the other way, but we found we could not trust virtually anything it reported. Ed
-
What are your thoughts on Boundschecker for Visual C++. I've used it a previous companies I've worked at and it seemed okay but nothing spectacular. I'm now in the market for this kind of product for my own company (with my own money), so I'd like comments on how useful they find it. I like to think that my code doesn't need it (yeah right), but for my own peace of mind I'd like to be able to run something on my code to spot the flaws that I miss. So is Boundchecker a worthwhile investement? Is there anything better? Michael :-)
I've been using BC for a few years, and would recommend that every programmer use it, or a similar product (like Rational Purify and others). The $500 or so price tag is cheaper than the support nightmares it might spare you. However, it is a good idea to be aware of the bugs and limitations of each product. For BoundsChecker, I've found the follwing bugs/annoyances/problems (take your pick). 1. Memory that is freed by static destructors (i.e. for objects declared globally and initialized before main() is called) is incorrectly flagged as beeing a leak. This makes memory leak detection in BC pretty much useless to me since I use a lot of global auto-pointers. (Note: the VC++ built in heap debugging facilities are really usefull in this case). 2. Even after so many releases, NuMega still haven't been able to get the "Ignore this error" stuff wrong. This is especially annoying for code that uses the STL, since BChecker bitches about every other line there. At least they finally got the MFC exclusions right... 3. As good as it is, it ain't perfect! In other words - if it finds bugs, you're lucky. If it doesn't find bugs, it doesn't mean they aren't there! There are more things, but I can't remember at this moment.. ;P But I'm sure you get the picture. -Oz --- Grab WndTabs from http://www.wndtabs.com to make your VC++ experience that much more comfortable...
-
What are your thoughts on Boundschecker for Visual C++. I've used it a previous companies I've worked at and it seemed okay but nothing spectacular. I'm now in the market for this kind of product for my own company (with my own money), so I'd like comments on how useful they find it. I like to think that my code doesn't need it (yeah right), but for my own peace of mind I'd like to be able to run something on my code to spot the flaws that I miss. So is Boundchecker a worthwhile investement? Is there anything better? Michael :-)
You definitely need at least one of such instruments if you are doing serious development. If you have a lot of money, I would even recommend to buy both purify and bounschecker - they are using different techniques. You also should be aware of limitations and bugs, for sure every reported error is not a real error. If you need to choose between Purify and BoundsChecker - download trials for both and compare ! Another similar product is HeapAgent. It is cheap, limited, but might be better for release versions, it almost does not slow execution time. Igor Proskuriakov
-
We tried it and discarded it. We found a number of problems: 1. Provides minimal data for release versions 2. Majority of memory leak errors reported were incorrect 3. Majority of program errors reported were also incorrect The bottom line for us was that the use resulted in a total loss rather than a gain. There may be other examples that go the other way, but we found we could not trust virtually anything it reported. Ed
What kind of code were you checking against? MFC, straight API, ATL, WTL? Michael :-)
-
What kind of code were you checking against? MFC, straight API, ATL, WTL? Michael :-)
-
What are your thoughts on Boundschecker for Visual C++. I've used it a previous companies I've worked at and it seemed okay but nothing spectacular. I'm now in the market for this kind of product for my own company (with my own money), so I'd like comments on how useful they find it. I like to think that my code doesn't need it (yeah right), but for my own peace of mind I'd like to be able to run something on my code to spot the flaws that I miss. So is Boundchecker a worthwhile investement? Is there anything better? Michael :-)
I like to think that my code doesn't need it (yeah right) Yeah right. Don't think like this and buy BC or Purify - this is the only advice I can give, they both are worth their prices. These days I'm using Purify. The only problem I've had was related to passing pointers as args to functions. In my shareware product, I did some tricks with xoring pointers before using them as parameters, then re-xoring them again inside function (one of weakest forms of protection against crackers). Purify gets fooled and passed pointer is incorrect - this is probably related to code and data instrumentation. Tomasz Sowinski -- http://www.shooltz.com
-
i love it. i only use it a couple of times a month, when things get really weird. but it's really useful in finding those strange things (uninitialized variables, interface leaks, etc..) -c ------------------------------ Smaller Animals Software, Inc. http://www.smalleranimals.com
What kind of code do you use it against, MFC, STL, ATL, WTL? How do you find the ui, is it usable or do you sometimes struggle with it. I know in the past I've had problems getting it to ignore problems which weren't problems. Michael :-)
-
I find Boundschecker to be well worth the cost. I don't use it much, but on those rare occassions when my app is doing the 'funky chicken' because my evil twin, Skippy, caused some kind of stack overflow problem, it is really helpful.
What kind of code do you check against? ATL, MFC, WTL, STL? Any annoying issues with it? Michael :-)
-
What kind of code do you use it against, MFC, STL, ATL, WTL? How do you find the ui, is it usable or do you sometimes struggle with it. I know in the past I've had problems getting it to ignore problems which weren't problems. Michael :-)
all of the above (except WTL, i don't use that). the UI is fine - no problems with the latest version. it seems to be less intrusive than previous versions (fewer confirmation dialogs, etc). ignoring problems that aren't problems. yeah, there's some of that, especially with templates. a lot of STL increments pointers out of bounds (never using them, just doing a "++" on them). this scares BC and you have to supress the message for each template specialization. that can be a big PITA, but i find it's usually worth the trouble, when it finds that un-inited variable or resource leak that's been troubling me. -c ------------------------------ Smaller Animals Software, Inc. http://www.smalleranimals.com
-
What are your thoughts on Boundschecker for Visual C++. I've used it a previous companies I've worked at and it seemed okay but nothing spectacular. I'm now in the market for this kind of product for my own company (with my own money), so I'd like comments on how useful they find it. I like to think that my code doesn't need it (yeah right), but for my own peace of mind I'd like to be able to run something on my code to spot the flaws that I miss. So is Boundchecker a worthwhile investement? Is there anything better? Michael :-)
-
Stan I take it Skippy in the US doesn't refer to Skippy the Bush Kangaroo a TV star of his own TV show here in Australia in the 1970's. Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
Hard to tell, Skippy gets around alot!
-
What kind of code do you check against? ATL, MFC, WTL, STL? Any annoying issues with it? Michael :-)
MFC mostly. Also, the other posters here are correct that Boundschecker reports *many* false memory leaks. That generally does not annoy me too much simply because memory leaks are so easy to detect and eliminate anyway I don't consider them to be a big deal.
-
All MFC. Once we found that it's results were untrustworthy, we abandoned all use. In some cases test changes made based on reported code errors resulted in a non working program. Ed
That explains it; if you can't modify your own code without breaking it there's no hope for figuring out how to use BC. :) BC's not perfect but its (usually minor) deficiencies are pretty well known (see nice summary of STL template specialization snafu elsewhere in this thread). It's far from being fatally flawed. -- Eric
-
That explains it; if you can't modify your own code without breaking it there's no hope for figuring out how to use BC. :) BC's not perfect but its (usually minor) deficiencies are pretty well known (see nice summary of STL template specialization snafu elsewhere in this thread). It's far from being fatally flawed. -- Eric
Perhaps I should clarify. We suspected at an early stage that the reports we saw were incorrect. To confirm this, we implemented some of the suggested improvements implied by the code errors reported. In almost each case, it resulted in a program that went from no leaks to one with leaks, or from one that ran, to one that faulted. As a result, we found that well over 50% of the problems/errors/leaks reported were completely bogus. That's when we packed it up and sent it back. Ed